University : University of Canberra UniLearnO is not sponsored or endorsed by this college or university.
Country : Australia
Assignment Task


Task

Introduction
This is an individual assignment and requires students to conduct a security evaluation of their personal information management situation and report on the results of this evaluation. The main body of the report is expected to be around 2500 words, but quality is more important than length.The intention of this review is to give you exposure to some of the issues that organisations might face when conducting similar information security reviews, but clearly with much less formality (both in terms of how the review is conducted and the expectations around the control environment).

As it is not feasible to give you access to a ‘normal’ organisational setting, we will use your personal situation as a simulation for the organisation. Despite this being similar to an organisational security review, it is important that you treat the situation ‘as is’ – that is you should focus on the risks that are relevant to your situation, not some real or pretend organisation. These risks may not be quite the same to those that organisations experience, but risks do vary significantly between differing organisations, so this will not undermine the integrity of this exercise.

The security evaluation review for this year will focus on some key issues, including access controls, operations security (backup and recovery, protection from malware, updates) and cybersecurity (concerning resilience and protection from cyber-attacks, malware and hacking). There may be some overlap between these issues.
There will be opportunities for students to informally discuss issues with this assignment and their review during the classes in the weeks leading up to the submission deadline. Make sure that you are familiar with what is required of this assignment and take advantage of this opportunity.


Requirements
This assignment is intended to cover the full range of your personal situation with respect to information and its management – this will include any technology, insomuch as it relates to information processing and storage. This includes:

  • home computers, laptops and home networks;
  • mobile devices that you may have including smart phones, tablets, smart watches, and fitness devices;
  • other storage media that you use to store relevant information;
  • personal information you store online (in the cloud – data storage and email). For this exercise, you should exclude:
  • other home-related devices such as smart TVs, Google/Apple/Amazon smart home devices, and electronic locks;
  • information about you that is stored by others (for example, the information the University keeps on students is outside of the scope of this review);
  • any work-related activity or home businesses (information security issues with these work related contexts would normally be covered by the workplace and their security evaluation processes).


The first step in the review is to identify all of the relevant information assets, any associated technology resources, and what these resources are used for. It is important for your report to include a description of these assets and their uses so that the reader has a context within which to 
situate the investigation and its findings. The nature of these assets and their use will influence the risk environment, so your overview is important for the reader to the make a judgement about the reliability of the review and its findings.


Required sections for your report
In summary, your report should include the following (these six dot points could be used as the basis for major headings/sections in your report):

  • An overview of your personal situation and the key risks areas that may be present (information, technology, and what these artefacts are used for; what are the key risks that might be evident in these uses of information and technology);
  • A brief discussion of the customised normative model that you have used for you review. This section is mainly concerned with how you have constructed this normative model and why you have included the various controls in the model, noting the various sources you have used. This section is more about providing a rationale for why various controls have been included, rather than just providing a simple list of the controls;
  • A summary of the tasks undertaken to conduct the review. What steps did you follow in conducting the review? What evidence did you consider in helping you form your views? What tests did you perform in order to verify the answers to key review questions? Did you use any automated tools for any of this testing?
  • The findings of your review and recommendations for improvement. You should provide a summary of the good and bad issues that arose from the review. What issues from the situation came up looking good in the review, and where was there room for improvement? What things would you realistically change in order to improve the information security environment? It is important that this section only presents a summary of the key issues from the review – the details of the evaluation of individual controls should be put in the appendix (the appendix table, with the fourth column detailing the evaluation of each individual control). You should not make recommendations that haven't appeared anywhere in the appendix table.
  • A reflection on the methodology or review approach, following your experience of applying it to your personal computing situation. This is an important part of the assignment and should not be neglected. There are details above on what should be covered in this section and a reasonable length for this section is around 500+ words;
  • An appendix with the details of your review. The detailed issues considered (customised normative model) and the assessment against these issues should be included in an  appendix in a table format (described below). This material is not part of the main word count for the assignment. While this appendix is not part of the word count, this will be part of the assessment for the assignment and the marker will need access to this material to ascertain the extent of the nature and quality of the review that you have undertaken. Without this table, there is little evidence that you have actually conducted an appropriate security evaluation and your assignment will be marked accordingly.

 

Assessment
The assignment is worth 30% of the marks for Information Security. The deadline for submissions of this assignment is Sunday night at the end of week 11 (24 April 2022). The main body of the report is expected to be around 2500 words – please include a word count, but words from any quotations, your bibliography, and the appendix table, should not be included in this word count. Note that it is not necessary to include an executive summary as this report is sufficiently brief, but a brief introduction setting out what the report covers would be helpful.
In marking the report, attention will be given to your understanding of information security concepts and how well you have met the requirements detailed above. Style and technique of your writing will also be considered. The section providing a reflection on the methodology and review approach is an important part of this assignment and will attract around one quarter of the marks allocated. All work quoted from other written sources must be appropriately referenced using the UC version of the Harvard (2021) author-date style (both with in-text references and all sources included in the bibliography).


A suggested process for this assignment is:

  • identify your information assets, associated technology and uses; think briefly about any risks that these uses might entail;
  • construct your customised normative model, and use this to populate the left-hand column of your appendix table;
  • conduct the security evaluation, using the appendix table as a means of documenting the elements of this review – this should result in a fully populated appendix table;
  • write the main body of the assignment, including the description of the information assets, the normative model and its construction, the description of the process you undertook, and key findings and recommendations – these findings and recommendations should connect directly with elements in your appendix table;
  • write the reflections section of the report.

 

This IT Computer Science Assignment has been solved by our IT Computer Science Expert at UniLearnO. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing Style. Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. 

You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turn tin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.

  • Uploaded By : Jordan
  • Posted on : May 06th, 2021
  • Downloads : 144

Whatsapp Tap to ChatGet instant assistance